A method to implement traceability and provability on a particular project in software development based on blockchain-recorded transactions of assigned developer time, the method comprising of the following steps: setting up a blockchain network comprised of a distributed, redundant, and tamper-resistant ledger; issuing each user an attestable pre-fabricated and signed virtualized environment on approved hardware that comes with functionality required for the user's role implemented as one of a set of virtual machine templates fashioned from a signed and approved pre-fabricated image; and verifying that assigned developer time is valid, and if so, record each development action on the ledger to enable extensive tracking and auditing of end- to-end software development process.

A method to implement traceability and provability on a particular project in software development based on blockchain-recorded transactions of assigned developer time, the method comprising of the following steps: setting up a blockchain network comprised of a distributed, redundant, and tamper-resistant ledger; issuing each user an attestable pre-fabricated and signed virtualized environment on approved hardware that comes with functionality required for the user's role implemented as one of a set of virtual machine templates fashioned from a signed and approved pre-fabricated image; and verifying that assigned developer time is valid, and if so, record each development action on the ledger to enable extensive tracking and auditing of end- to-end software development process.

A CFI system constituted of: at least one protection module, each comprising a respective allowable flow model associated with at least one of a plurality of portions of a process; and at least one process protection manager, arranged, responsive to a control flow instruction in one of the plurality of portions of the process, to: compare one or more parameters of the control flow instruction to the allowable flow model of the associated protection module; and responsive to an outcome of the comparison indicating that the compared parameters do not meet a respective parameter of the allowable flow model, generate a predetermined signal, wherein each protection module is implemented as a shared object, wherein each process protection manager is implemented as a shared object, and wherein the at least one protection module and the process protection manager are loaded into the process.

Concepts for acquiring information for identifying a security configuration for an application are proposed. In particular, the information is obtained by running the application in a development environment, detecting security requests made on behalf of the application, and then storing security information associated with the security requests in a security log. Using this concept, a security log may be obtained from which an appropriate security configuration may be determined.

Concepts for acquiring information for identifying a security configuration for an application are proposed. In particular, the information is obtained by running the application in a development environment, detecting security requests made on behalf of the application, and then storing security information associated with the security requests in a security log. Using this concept, a security log may be obtained from which an appropriate security configuration may be determined.

Disclosed herein are systems and method for preventing zero-day attacks. A method may include receiving a first report including information about an execution of a first script of an application that modifies a file on a first computing device, and receiving a second report including an indication that the file includes malicious code. In response to determining that an identifier of the file is present in both the first report and the second report, the method may include generating and transmitting, to the first computing device, a first rule that prevents execution of any script that shares at least one operation of the first script. The method may include, in response to determining that a vulnerability detected by the first rule is not present in a vulnerability database, generating an entry in the vulnerability database for the vulnerability as a zero-day vulnerability and transmitting an alert to the application developer.

Disclosed herein are systems and method for preventing zero-day attacks. A method may include receiving a first report including information about an execution of a first script of an application that modifies a file on a first computing device, and receiving a second report including an indication that the file includes malicious code. In response to determining that an identifier of the file is present in both the first report and the second report, the method may include generating and transmitting, to the first computing device, a first rule that prevents execution of any script that shares at least one operation of the first script. The method may include, in response to determining that a vulnerability detected by the first rule is not present in a vulnerability database, generating an entry in the vulnerability database for the vulnerability as a zero-day vulnerability and transmitting an alert to the application developer.

A proactively protected (P2) processing system and method is invented for stopping the cyber-attacks from malicious usages of computing systems. The invention is applicable to eliminate the roots of the cyber-threats before a successful cyber-incident. Thereby, demand for resilient computing systems to survive a cyber-incident will be disappeared. Any recovery act and information loss is not happened. The invention dynamically switches a plurality of instruction sets at random or scheduled time for determining authorized operations with code compatibility. Therefore, a P2 processing system and method can detect and delete only unauthorized operations before being executed while executing authorized operations.

A proactively protected (P2) processing system and method is invented for stopping the cyber-attacks from malicious usages of computing systems. The invention is applicable to eliminate the roots of the cyber-threats before a successful cyber-incident. Thereby, demand for resilient computing systems to survive a cyber-incident will be disappeared. Any recovery act and information loss is not happened. The invention dynamically switches a plurality of instruction sets at random or scheduled time for determining authorized operations with code compatibility. Therefore, a P2 processing system and method can detect and delete only unauthorized operations before being executed while executing authorized operations.

In one embodiment, a processor includes a memory hierarchy and a core coupled to the memory hierarchy. The memory hierarchy stores encrypted data, and the core includes circuitry to access the encrypted data stored in the memory hierarchy, decrypt the encrypted data to yield decrypted data, perform an entropy test on the decrypted data, and update a processor state based on a result of the entropy test. The entropy test may include determining a number of data entities in the decrypted data whose values are equal to one another, determining a number of adjacent data entities in the decrypted data whose values are equal to one another, determining a number of data entities in the decrypted data whose values are equal to at least one special value from a set of special values, or determining a sum of n highest data entity value frequencies.